I. REAL PARTY IN INTEREST 

The real party in interest is NEC CORPORATION (Assignee) by virtue of an assignment 
executed by the inventors Jens-Peter REDLICH, Thomas KUEHNEL and Wolf MUELLER on 
February 20, 2002, February 28, 2002 and March 9, 2002, respectively and filed on January 29, 
2002 to NEC USA, INC., and recorded by the Assignment Branch of the U.S. Patent and 
Trademark Office on March 15, 2002 (at Reel 012685, Frame 0794); and by virtue of an 
assignment by NEC USA, INC. to NEC CORPORATION on April 11, 2003 and recorded by 
the Assignment Branch of the U.S. Patent and Trademark Office on April 11, 2003 (at Reel 
013926, Frame 0288). 
II. RELATED APPEALS AND INTERFERENCES 

Upon information and belief, there are no other prior or pending appeals, interferences, or 
judicial proceedings known to Appellants, Appellants' representatives or the Assignee that may 
be related to, be directly affected by, or have a bearing on the Board's decision in this appeal. 
III. STATUS OF CLAIMS 

Each of the pending claims 1-34 and 36-41 is rejected (see Final Office Action dated 
November 22, 2006) and is presently under appeal. Specifically, the following are the pending 
rejections which are under appeal. 

1. Rejection of claims 1-22, 24-25, 28-32, 36-37 and 39-40 under 35 U.S.C. § 103(a) as 
being unpatentable over Slemmer (U.S. 6,226,677) in view of Giniger et al. (hereinafter Giniger) 
(U.S. 6,751,729). 

2. Rejection of claims 23, 26-27, 34 and 38 under 35 U.S.C. § 103(a) as being 
unpatentable over Slemmer (U.S. 6,226,677) / Giniger (U.S. 6,751,729) further in view 
of Jansen et al. (hereinafter Jansen) (U.S. 6,243,450). 

3. Rejection of claims 33 and 41 under 35 U.S.C. § 103(a) as being unpatentable over 
Slemmer (U.S. 6,226,677) / Giniger (U.S. 6,751,729) further in view of Bahl (US 6,957,276). 
IV. STATUS OF AMENDMENTS 

To reduce issues on Appeal, the Applicants concurrently file an amendment under section 
116, canceling claim 35. 
V. SUMMARY OF THE CLAIMED SUBJECT MATTER 

Appellants' invention relates to techniques for providing secure public access to an IP 
network using third-party operated access stations in a situation where the access station is an 
"untrusted" access station. Using these techniques, authentication, authorization, accounting, and 
ciphering of data for access to an IP network can be done via access stations that are operated by 
potentially malicious and untrusted third parties. 

Nowadays, small independent operators offer Internet access in a small geographical 
area. For example, users can access content providers on the Internet using their own devices 
(PDAs or laptops) while sitting in coffee shops (for example, Starbucks). Such access to the 
Internet uses access stations provided by the independent operator. However, the trustworthiness of 
the independent operator is not guaranteed. Malicious operators may find it easy to eavesdrop on the 
communication between the user and the content provider. They might also find means to obtain 
credentials such as login names and passwords from the user's traffic. The present 
invention provides secure access that is independent of such an operator's access station. 

The exemplary embodiment depicted in FIG. 1 shows a secure tunnel (1) that is 
established between a terminal user U (3) and trusted node T (5) via access station A (7). The 
user U seeks authentication from the ISP P (4). Once terminal U (3) and ISP P (4) are 
authenticated, ISP P selects a trusted node T (5). The ISP P (4) distributes session keys to 
terminal U (3) and trusted node T (5). Importantly, this secret session key is not known to the 
access station A. All further communication between U and T is performed by encrypting the 
data using the secret session key. Thus a secure tunnel (1) between U and T is established. Using 
the secure tunnel (1), terminal U (3) transmits encrypted data packets to trusted node T (5). 

FIG. 2 shows an example of the authentication and session key transfer between terminal 
U (3), access station A (7), ISP P (4) and trusted node T (5). Specifically, authentication 
procedures are performed between terminal U (3) and ISP P (4) via access station A (7). Upon 
the valid authentication of both terminal U (3) and ISP P (4), ISP P (4) generates and distributes 
session keys to a trusted node T (5) and terminal U (3) as depicted by the short dashed line. As 
noted above, all subsequent data between terminal U (3) and trusted node T (5) are encrypted 
and sent via the secure tunnel (1) which passes through access station A (7). Since the 
encryption is done based on the secret session key unknown to the access station A, it cannot 
decipher or modify the data packets. In other words, access station A (7) is forced to act simply 
as a conduit between terminal U (3) and trusted node T (5), while trusted node T (5) forwards and 
receives data packets from the IP network (9). 
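As an added illustration that is not part of the brief or of the patent, the following Python simulates the FIG. 2 exchange: U and P answer each other's challenges (CH_U and CH_P) through A, P issues the session key to U (wrapped) and to T, and T checks the tunnel packet after A either forwards it or tampers with it. It assumes a long-term subscriber secret shared by U and P, HMAC-SHA256 as the only primitive, a simplified encrypt-then-MAC packet format, and a direct call in place of P's own trusted path to T; none of these details come from the specification.

```python
import hashlib
import hmac
import secrets

def prf(key, *parts):
    """HMAC-SHA256 as the single PRF for challenge responses, key wrapping and the tunnel."""
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class AccessStation:
    """A: forwards every packet and records what it sees, but holds no key.
    tamper=True models a malicious operator flipping one bit of tunnel data."""
    def __init__(self, tamper=False):
        self.tamper, self.seen = tamper, []

    def forward(self, src, dst, packet):
        self.seen.append((src, dst, packet))
        if self.tamper and src == "U" and dst == "T":
            packet = packet[:-1] + bytes([packet[-1] ^ 0x01])
        return packet

class Terminal:
    """U: shares a long-term subscriber secret with its ISP P (assumed credential)."""
    def __init__(self, user_id, secret):
        self.user_id, self.secret = user_id, secret
        self.ch_u = self.session_key = None

    def isp_auth_packet(self):
        self.ch_u = secrets.token_bytes(16)  # CH_U: challenge to the ISP
        return self.user_id + self.ch_u      # user_id is fixed at 4 bytes in this demo

    def answer_user_auth(self, packet):
        """Check P's answer to CH_U (raise if P is an impostor), then answer CH_P."""
        resp_p, ch_p = packet[:32], packet[32:]
        if not hmac.compare_digest(resp_p, prf(self.secret, b"isp", self.ch_u)):
            raise ValueError("ISP failed authentication")
        return prf(self.secret, b"user", ch_p)

    def install_key(self, wrapped):
        # The key arrives wrapped under a value only U and P can derive, so A learns nothing.
        self.session_key = xor(wrapped, prf(self.secret, b"wrap", self.ch_u))

class ISP:
    """P: authenticates the terminal, then generates and distributes the session key."""
    def __init__(self, subscribers):
        self.subscribers, self.pending = subscribers, {}

    def user_auth_packet(self, packet):
        user_id, ch_u = packet[:4], packet[4:]
        ch_p = secrets.token_bytes(16)       # CH_P: challenge to the terminal
        self.pending[user_id] = (ch_u, ch_p)
        return prf(self.subscribers[user_id], b"isp", ch_u) + ch_p

    def verify_and_issue(self, user_id, resp_u):
        """Return (session key for T, wrapped key for U), or None if U fails CH_P."""
        ch_u, ch_p = self.pending.pop(user_id)
        secret = self.subscribers[user_id]
        if not hmac.compare_digest(resp_u, prf(secret, b"user", ch_p)):
            return None
        k = secrets.token_bytes(32)
        return k, xor(k, prf(secret, b"wrap", ch_u))

def keystream(key, n, length):
    blocks = (length + 31) // 32
    return b"".join(prf(key, b"enc", n, i.to_bytes(4, "big")) for i in range(blocks))

def seal(key, seq, plaintext):
    """Tunnel packet seq || ciphertext || tag (encrypt-then-MAC, simplified for the demo)."""
    n = seq.to_bytes(4, "big")
    ct = xor(plaintext, keystream(key, n, len(plaintext)))
    return n + ct + prf(key, b"mac", n, ct)

def open_packet(key, packet):
    """Return the plaintext, or None when the tag fails (packet modified in transit)."""
    n, ct, tag = packet[:4], packet[4:-32], packet[-32:]
    if not hmac.compare_digest(tag, prf(key, b"mac", n, ct)):
        return None
    return xor(ct, keystream(key, n, len(ct)))

def run_session(tamper=False, payload=b"GET / HTTP/1.1"):
    """Run the FIG. 2 exchange; return (authenticated, what T recovered, whether A saw payload)."""
    secret = secrets.token_bytes(32)  # constructed subscriber credential shared by U and P
    u, p, a = Terminal(b"u001", secret), ISP({b"u001": secret}), AccessStation(tamper)
    pkt = a.forward("U", "P", u.isp_auth_packet())          # ISP authentication packet
    pkt = a.forward("P", "U", p.user_auth_packet(pkt))      # user authentication packet
    resp_u = a.forward("U", "P", u.answer_user_auth(pkt))
    issued = p.verify_and_issue(b"u001", resp_u)
    if issued is None:
        return False, None, False
    key_for_t, wrapped = issued  # P hands key_for_t to T over its own trusted path (direct here)
    u.install_key(a.forward("P", "U", wrapped))
    pkt = a.forward("U", "T", seal(u.session_key, 1, payload))
    recovered = open_packet(key_for_t, pkt)
    return True, recovered, any(payload in q for _, _, q in a.seen)
```

With tamper=True, T rejects the modified packet (returns None) even though A forwarded it, which is the "conduit only" property the brief relies on.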

The present invention, as recited in claim 1, provides a method for performing mutual 
authentication and authorization of a user's terminal device (U) and an Internet Service Provider 
(P) in order to establish secure communication between the terminal (U) and a trusted network 
element (T) to the Internet via an untrusted access station (A) (Specification [0012]). An 
association is established between a terminal (U) and an untrusted access station (A) 
(Specification [0063] ll. 4-6). An ISP authentication packet is transmitted from terminal (U) to 
ISP (P) via the untrusted access station (A) (Specification [0068]-[0078]). A user authentication 
packet is sent from said ISP (P) to said terminal (U) via said untrusted access station (A) 
(Specification [0082]-[0090]). Upon authentication of said terminal (U) and said ISP (P), said 
ISP generates a session key and distributes the session key to said terminal (U) and a trusted 
network element (T) (Specification [0097]). The session key is used to encrypt traffic between 
the terminal (U) and the trusted network element (T) (Specification [0097]). Thus a secure 
tunnel is established such that the terminal (U) may communicate with the Internet via said 
trusted network element (T) (Specification [0097]). The secure tunnel emulates a physical link 
between the terminal (U) and the trusted network element (T) such that traffic transmitted 
between the terminal (U) and said Internet via said trusted network element (T) is secure from 
modification or eavesdropping by said untrusted access station (A) (Specification [0108]). A 
connection is established between the terminal and the ISP for trusted network services without 
providing the terminal with direct access to the Internet (Specification [0107]-[0110]). 

The present invention, as recited in claim 4, is a method for providing public access to IP-
based networks via an untrusted infrastructure having untrusted access points. A connection is 
established between an IP device (U) and said untrusted access point (A), wherein an IP address 
is dynamically allocated to the IP device (Specification [0063]). An ISP authentication request is 
transmitted from said IP device (U) to an internet service provider (P) affiliated with said IP 
device (U) (Specification [0068]-[0078]). The authentication request is transmitted through said 
untrusted access point (A) affiliated with said untrusted third party owned infrastructure 
(Specification [0068]-[0078]). A user authentication request is transmitted from the ISP (P) to 
the IP device (U) to determine whether the IP device (U) is a valid user affiliated with said ISP 
(P), wherein said authentication request is transmitted through said untrusted access point (A) 
affiliated with said untrusted third party owned infrastructure (Specification [0079]-[0087]). 
When said ISP (P) authentication request and said user authentication request are affirmative, the 
ISP (P) generates a session key for encrypting data packets and distributes said session key to 
said IP device (U) and a trusted node (T) (Specification [0097]). The session key is used to 
encrypt data transmitted between said IP device (U) and said trusted node (T) (Specification 
[0097]). Thus a secure tunnel is established as said session key is used to encrypt data packets 
transmitted between said IP device (U) and said trusted node (T), such that said data packets 
transmitted between said IP device (U) and an Internet via the untrusted access station (A) are 
protected from modification and manipulation by said untrusted access station (A) in said secure 
tunnel (Specification [0108]). The connection is established between the terminal and the ISP 
for trusted network services without providing the terminal with direct access to the Internet 
(Specification [0107]-[0110]). 

The present invention, as recited in claim 5, is a method for providing public access to IP-
based networks through a third party owned, untrusted infrastructure having untrusted access 
stations (Specification [0012]). A connection is established between an IP device (U) and said 
access station (A), wherein an IP address is dynamically allocated to said IP device (U) 
(Specification [0063]). An ISP authentication request is sent to said internet service provider (P) 
affiliated with said IP device (U) requesting to validate the authenticity of the ISP (P) 
(Specification [0068]-[0078]). A user authentication request is sent from said ISP (P) to said IP 
device (U) to validate whether said IP device (U) has a service agreement with said ISP (P) 
(Specification [0079]-[0087]). On affirmative authentication of said ISP (P) and said IP device 
(U), a trusted connection is established between said IP device (U) and a trusted network element 
(T) (Specification [0097]). The secure tunnel allows the ISP (P) to dynamically obtain control of 
resources in said untrusted third party owned access station (A) in order to provide the IP device 
(U) with prescribed for services (Specification [0011]). The connection is established between 
the terminal and the ISP for trusted network services without providing the terminal with direct 
access to the Internet (Specification [0107]-[0110]). 

The present invention, as recited in claim 6, is a method of establishing secure 
communication between a terminal (U), the Internet Service Provider (P) affiliated with that 
terminal and the Internet over a third party owned untrusted access station (A) (Specification 
[0012]). A connection is established between the terminal (U) and said access station (A) 
(Specification [0063]). An ISP authentication request is sent to said internet service provider (P) 
affiliated with said terminal (U) (Specification [0068]-[0078]). A user authentication request is 
sent from said ISP (P) to said terminal (U) (Specification [0079]-[0087]). On affirmative 
authentication of said ISP (P) and said terminal (U), a trusted connection is established between 
said IP device (U) and a trusted network element (T) (Specification [0097]). A secure tunnel 
allows the ISP (P) to dynamically obtain control of resources in said untrusted access station (A) 
in order to provide the IP device (U) with prescribed for services (Specification [0011]). The 
connection is established between the terminal and the ISP for trusted network services without 
providing the terminal with direct access to the Internet (Specification [0107]-[0110]). 

The present invention, as recited in claim 36, is a method of operating an untrusted access 
station deployed so as to provide a local network with access to a wide area network. An 
untrusted access station receives a request from a terminal to access trusted network services 
(Specification [0063]). Without providing the terminal with direct access to the wide area 
network, a connection is established between the terminal and an authentication server for 
trusted network services (Specification [0063]-[0067]). Authentication of the terminal with the 
authentication server for the trusted network services is performed (Specification [0072]-[0079]). 
The terminal is allowed to establish a secure channel to trusted network services across the wide 
area network only if the authentication succeeds (Specification [0097]). 
VI. GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 

1. Rejection of claims 1-22, 24-25, 28-32, 36-37 and 39-40 under 35 U.S.C. § 103(a) as 
being unpatentable over Slemmer (U.S. 6,226,677) in view of Giniger et al. (hereinafter Giniger) 
(U.S. 6,751,729). 

2. Rejection of claims 23, 26-27, 34 and 38 under 35 U.S.C. § 103(a) as being 
unpatentable over Slemmer (U.S. 6,226,677) / Giniger (U.S. 6,751,729) further in view 
of Jansen et al. (hereinafter Jansen) (U.S. 6,243,450). 

3. Rejection of claims 33 and 41 under 35 U.S.C. § 103(a) as being unpatentable over 
Slemmer (U.S. 6,226,677) / Giniger (U.S. 6,751,729) further in view of Bahl (US 6,957,276). 

All of the above rejections are under appeal. 
VII. ARGUMENT 

1. General Remarks 

Further to the arguments made in the Appeal Brief filed on August 27, 2008, the 
Examiner withdrew the section 102(e) rejection of the claims. The Appellants 
respectfully submit that arguments similar to the ones presented in the Appeal Brief were 
presented in response to several Office Actions. However, the Examiner withdrew the 
anticipation rejection only after an Appeal Brief was filed. 

But then, in spite of the considerable time and resources expended thus far, the Examiner 
has reopened prosecution with an additional reference, Slemmer, which does not add to the 
teachings of Giniger. More importantly, for key aspects of the invention, the Examiner continues 
to rely on Giniger in spite of the fact that the Examiner indicates in the Office Action that the 
Appellants' arguments distinguishing the present invention from Giniger ... "have been fully 
considered and persuasive." 

2. Claims 1-22, 24-25, 28-32, 36-37 and 39-40 are not obvious over the combined teachings 
of Slemmer and Giniger 

Importantly, the Examiner relies on Giniger for its alleged teaching related to generating 
a session key, distributing the session key to the terminal and the trusted network element and 
establishing a secure tunnel between the terminal and the trusted network element. Further, the 
Examiner alleges that Giniger suggests that such a tunnel will be secure from modification by 
the third party access station. The Appellants respectfully disagree. 


APPEAL BRIEF UNDER 37 C.F.R § 41.37 
U.S. Patent Application No.: 10/057,914 
Attorney Docket No.: A7995 

Giniger merely discloses a conventional virtual private network setup. The virtual 
network is established between a plurality of "edge devices" (Giniger 7:36-40). The edge device 
acts as an intermediary between a local network of computers and the VPN. Thus, a packet from 
a user computer device would travel through the local network, arrive at the edge device, and the 
edge device would intelligently decide which VPN tunnel to send it through so as to arrive at its 
destination (Giniger 7:54-64). The edge devices include cryptographic modules so as to ensure 
that the tunnels established between the edge devices are secure (Giniger 10:37-54). In other 
words, all the cryptographic functions, including encryption, are performed at the edge device. 
Therefore, the edge device must be trusted to include the cryptographic module and establish 
the secure tunnels. Thus, in Giniger, specific manufacturing rules for ensuring that the 
cryptographic certificates are stored in a tamper-resistant portion of the edge device are provided 
(Giniger 12:50-59). 

The present invention relates to methods for performing mutual authentication and 
authorization of a user's terminal and an ISP to provide secure communication between the 
terminal and a trusted element to the Internet via an untrusted access station. For example, in 
the embodiments shown in Fig. 1 and Fig. 2, the user terminal 3 is connected to the trusted 
network element 5 via an untrusted access station 4. The sequence of steps is described in 
relation to Fig. 1 and Fig. 2. 

The exemplary embodiment depicted in FIG. 1 shows a secure tunnel (1) that is 
established between a terminal user U (3) and trusted node T (5) via access station A (7). The 
user U seeks authentication from the ISP P (4). Once terminal U (3) and ISP P (4) are 
authenticated, ISP P selects a trusted node T (5). The ISP P (4) distributes session keys to 
terminal U (3) and trusted node T (5). Importantly, this secret session key is not known to the 
access station A. All further communication between U and T is performed by encrypting the 
data using the secret session key. Thus a secure tunnel (1) between U and T is established. Using 
the secure tunnel (1), terminal U (3) transmits encrypted data packets to trusted node T (5). 

FIG. 2 shows an example of the authentication and session key transfer between terminal 
U (3), access station A (7), ISP P (4) and trusted node T (5). Specifically, authentication 
procedures are performed between terminal U (3) and ISP P (4) via access station A (7). Upon 
the valid authentication of both terminal U (3) and ISP P (4), ISP P (4) generates and distributes 
session keys to a trusted node T (5) and terminal U (3) as depicted by the short dashed line. As 
noted above, all subsequent data between terminal U (3) and trusted node T (5) are encrypted 
and sent via the secure tunnel (1) which passes through access station A (7). Since the 
encryption is done based on the secret session key unknown to the access station A, it cannot 
decipher or modify the data packets. In other words, access station A (7) is forced to act simply 
as a conduit between terminal U (3) and trusted node T (5), while trusted node T (5) forwards and 
receives data packets from the IP network (9). 
FIG. 2 
The extensive prosecution of this case will reveal that a key point of difference between the 
Examiner's position and the Appellants' position is whether the end node of 
Giniger can be considered to be "untrusted." 

Giniger includes a general teaching on providing secure communication services 
over a data network. Further, it teaches establishing a tunneling communication service. 
However, the specific issue of a user terminal accessing the Internet in a trusted way via 
an untrusted access station is not even remotely suggested. The end node of Giniger cannot be 
considered to be an untrusted access station as in the present invention. Notably, the end node of 
Giniger is actively involved in authentication, encryption, etc. In fact, since the edge device is 
actively involved in providing a secure tunnel, the system of Giniger must expect that the edge 
device is trusted, unlike in the present invention. 

Specifically, the present invention (as recited in claim 1) requires establishing an 
association between a terminal and an untrusted access station. Giniger does not disclose or 
suggest establishing such an association between a terminal and an untrusted access station. 

Further, the present invention requires distributing a session key to a trusted network 
element for encrypting traffic between the terminal and the trusted network element. Using the 
encryption, a secure tunnel is established such that the terminal may communicate with the 
Internet via the trusted network element. Specifically, the secure tunnel is required to be 
established in such a way that the traffic in the secure tunnel is secure from modification by the 
access station. On the other hand, in Giniger, since the edge device is involved in encryption, it 
can easily modify or maliciously interfere with the data. 
Importantly, the passages cited by the Examiner (15:19-22) merely suggest establishing 
tunnels between edge nodes. 

As in the Final Office Action dated July 13, 2005 and in the Office Action dated October 
25, 2007, the Examiner has not provided any reason as to why he construes the edge device of 
Giniger to be an untrusted access station. 

The present invention relates to techniques for providing a secure communication 
channel between a user terminal and a trusted network element via an untrusted access station. 
Giniger does not disclose (or suggest) such a technique. 

Examiner cites Slemmer for its alleged teaching related to establishing an association 
between the terminal and an untrusted access station, performing authentication and establishing 
a connection between the terminal and the trusted network element. The Examiner refers to Col. 
6 line 55 - Col. 7 line 52 of Slemmer for its alleged support of this feature. 

Slemmer suggests a conventional technique for connecting a user machine to the Internet 
using a proxy server 130. However, as the Examiner admits, it does not suggest the above 
discussed features of the present invention. 

To establish a prima facie case of obviousness, three basic criteria must be met. First, 
there must be some suggestion or motivation, either in the references themselves or in the 
knowledge generally available to one of ordinary skill in the art, to modify the reference or to 
combine reference teachings. Second, there must be a reasonable expectation of success. 
Finally, the prior art reference (or references when combined) must teach or suggest all the claim 
limitations. The teaching or suggestion to make the claimed combination and the reasonable 
expectation of success must both be found in the prior art, not in applicant's disclosure. MPEP 
2143, citing In re Vaeck, 947 F.2d 488, 20 USPQ2d 1438 (Fed. Cir. 1991). 

The Examiner has not established obviousness of the present invention (as recited in 
claim 1) by the combined teachings of Slemmer and Giniger, at least because Giniger does not 
disclose establishing a secure tunnel between a user terminal and a trusted network element via 
an untrusted access station. Therefore, the finding of obviousness of claim 1 over Slemmer and 
Giniger must be reversed. Since the "all elements" prong of the three-prong test for obviousness 
fails, the motivation prong must also fail. 

Claims 4, 5, 6 and 36 include features, discussed above, that are analogous to those of 
claim 1 (specifically the limitations related to the "untrusted" access station). Therefore, the 
rejection of these claims based on the combined teachings of Slemmer and Giniger must also be 
reversed. 

Claims 2, 3, 7-22, 24-25, 28-32, 37 and 39-41 are dependent on claims 1, 6 and 36, 
respectively. Therefore, they are patentable for the same reasons. 

Claims 23, 26-27, 34 and 38 are not obvious over Slemmer, Giniger and Jansen 

The above claims are dependent on claim 6, and therefore, are allowable for at least the 
same reasons. Further, Jansen does not overcome the deficiencies noted above in the teachings 
of Giniger. Therefore, the finding of obviousness based on the combined teachings of Slemmer, 
Giniger and Jansen must also be reversed. 
Claims 33 and 41 are not obvious over Slemmer, Giniger and Bahl 

The above claims are dependent on claim 6, and therefore, are allowable for at least the 
same reasons. Further, Bahl does not overcome the deficiencies noted above in the teachings of 
Slemmer and Giniger. Therefore, the finding of obviousness based on the combined teachings of 
Slemmer, Giniger and Bahl must also be reversed. 

Unless a check is submitted herewith for the fee required under 37 C.F.R. §§ 41.37(a) and 
1.17(c), please charge said fee to Deposit Account No. 19-4880. 

The USPTO is directed and authorized to charge all required fees, except for the Issue 
Fee and the Publication Fee, to Deposit Account No. 19-4880. Please also credit any 
overpayments to said Deposit Account. 

Respectfully submitted, 

/Chidambaram. S.Iyer/ 

Chid S. Iyer 
Registration No. 

Date: April 25, 2008 



SUGHRUE MION, PLLC 
Telephone: (202) 293-7060 
Facsimile: (202) 293-7860 


CLAIMS APPENDIX 
CLAIMS 1-41 ON APPEAL: 

1. (previously presented): A method for performing mutual authentication and 
authorization of a user's terminal device (U) and an Internet Service Provider (P) in order to 
establish secure communication between the terminal (U) and a trusted network element (T) to 
the Internet via an untrusted access station (A) comprising: 

establishing an association between a terminal (U) and an untrusted access station (A); 

transmitting an ISP authentication packet from terminal (U) to ISP (P) via the untrusted 
access station (A); 

sending a user authentication packet from said ISP (P) to said terminal (U) via said 
untrusted access station (A); 

upon authentication of said terminal (U) and said ISP (P), said ISP performs the 
following: 

generating a session key; 

distributing said session key to said terminal (U) and a trusted network element (T), 
wherein said session key is used to encrypt traffic between the terminal (U) and the trusted 
network element (T); 

establishing a secure tunnel such that the terminal (U) may communicate with the 
Internet via said trusted network element (T); 
wherein said secure tunnel emulates a physical link between the terminal (U) and the 
trusted network element (T) such that traffic transmitted between the terminal (U) and said 
Internet via said trusted network element (T) is secure from modification or eavesdropping by 
said untrusted access station (A), 

wherein a connection is established between the terminal and the ISP for trusted network 
services without providing the terminal with direct access to the Internet. 

2. (previously presented): The method for performing mutual authentication and 
authorization of a terminal (U) and an Internet Service Provider (P) in order to establish a secure 
tunnel between the terminal (U) and a trusted network element to the Internet (T) via an 
untrusted access station (A) of claim 1, wherein the ISP (P) authentication packet contains an 
authentication challenge (CH_U) from terminal (U) to ISP (P) to authenticate the identity of ISP 
(P). 

3. (previously presented): The method for performing mutual authentication and 
authorization of a terminal (U) and an Internet Service Provider (P) in order to establish a secure 
tunnel between the terminal (U) and a trusted network element to the Internet (T) via an 
untrusted access station (A) of claim 1, wherein the user authentication packet contains an 
authentication challenge (CH_P) from ISP (P) to the terminal (U) to authenticate the identity of 
user (U). 

4. (previously presented): A method for providing public access to IP-based networks 
via an untrusted infrastructure having untrusted access points comprising: 
establishing a connection between an IP-device (U) and said untrusted access point (A), 
wherein an IP address is dynamically allocated to said IP device; 

transmitting an ISP authentication request from said IP device (U) to an internet service 
provider (P) affiliated with said IP device (U), wherein said authentication request is transmitted 
through said untrusted access point (A) affiliated with said untrusted third party owned 
infrastructure; 

transmitting a user authentication request from said ISP (P) to said IP device (U) to 
determine whether said IP device (U) is a valid user affiliated with said ISP (P), wherein said 
authentication request is transmitted through said untrusted access point (A) affiliated with said 
untrusted third party owned infrastructure; 

when said ISP (P) authentication request and said user authentication requests is 
affirmative, said ISP (P): 

generates a key session for encrypting data packets; and 

distributes said session key to said IP device (U) and a trusted node (T), wherein said 
session key is used to encrypt data transmitted between said IP device (U) and said trusted node 
(T); 

establishing a secure tunnel as said session key is used to encrypt data packets transmitted 
between said IP device (U) and said trusted node (T), such that said data packets transmitted 
between said IP device (U) and an Internet via the untrusted access station (A) are protected from 
modification and manipulation by said untrusted access station (A) in said secure tunnel, 
wherein a connection is established between the terminal and the ISP for trusted network 
services without providing the terminal with direct access to the Internet. 

5. (previously presented): A method for providing public access to IP-based networks 
through a third party owned, untrusted infrastructure having untrusted access stations (A) 
comprising: 

establishing a connection between an IP-device (U) and said access station (A), wherein 
an IP address is dynamically allocated to said IP device (U); 

sending an ISP authentication request to said internet service provider (P) affiliated with 
said IP device (U) requesting to validate the authenticity of the ISP (P); 

sending a user authentication request from said ISP (P) to said IP device (U) to validate 
whether said IP device (U) has a service agreement with said ISP (P); 

upon affirmative authentication of said ISP (P) and said IP device (U); 

establishing a trusted connection between said IP device (U) and a trusted network 
element (T), wherein a secure tunnel allows the ISP (P) to dynamically obtain control of resource 
in said untrusted third party owned access station (A) in order to provide the IP device (U) with 
prescribed for services, 

wherein a connection is established between the terminal and the ISP for trusted network 
services without providing the terminal with direct access to the Internet. 

6. (previously presented): A method of establishing secure communication between a 
terminal (U), the Internet Service Provider (P) affiliated with that terminal and the Internet over a 
third party owned untrusted access station (A) comprising: 

establishing a connection between the terminal (U) and said access station (A); 
sending an ISP authentication request to said internet service provider (P) affiliated with 
said terminal (U); 

sending a user authentication request from said ISP (P) to said terminal (U); 
upon affirmative authentication of said ISP (P) and said terminal (U): 
establishing a trusted connection between said IP device (U) and a trusted network 
element (T), wherein a secure tunnel allows the ISP (P) to dynamically obtain control of resource 
in said untrusted access station (A) in order to provide the IP device (U) with prescribed for 
services, 

wherein a connection is established between the terminal and the ISP for trusted network 
services without providing the terminal with direct access to the Internet. 

7. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 6, wherein the ISP authentication request contains an authentication 
challenge (CH U) from terminal (U) to ISP (P) to authenticate the identity of ISP (P). 

8. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 6, wherein the user authentication request contains an authentication 
challenge (CH P) from ISP (P) to the terminal (U) to authenticate the identity of terminal (U) as 
having subscribed to said ISP (P) for services. 
9. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 6, the ISP (P) generates a session key for encrypting data packets 
upon the affirmative authentication of the terminal (U) and the ISP (P). 

10. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 6, wherein the ISP (P) selects a trusted node (T) with said Internet. 

11. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 9, wherein said ISP (P) distributes said session key to the terminal (U) 
and the trusted node (T). 

12. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 6, wherein the session key is used to encrypt data packets transmitted 
between the terminal (U) and the trusted node (T). 

13. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 12, wherein the transmission of encrypted data packets between the 
terminal (U) and the trusted node (T) established a secure tunnel. 

14. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 13, wherein the secure tunnel protects the data packets from 
manipulation by said untrusted access station (A). 

15. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 6, a time out is distributed to the trusted node (T) and terminal (U) 
upon the establishment of a secure tunnel. 

16. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 15, wherein the timeout value is set to a predetermined time period, 
wherein if the secure tunnel is active for a time period equal to the timeout value, the secure 
tunnel will expire and the resources utilized for the secure tunnel will be released. 
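The exchange of claims 6 through 16 (U challenges P, P challenges U, P generates and distributes a session key to U and T, the tunnel is protected against manipulation by A and expires after a timeout) can be played through in a small simulation. This is an added example, not code from the patent or its assignee; it assumes a symmetric subscription secret shared by U and P (the claims do not fix the cryptographic primitive), models T as provisioned directly by P, and models the access station A only as an untrusted relay that may alter what it forwards.

```python
import hmac, hashlib, secrets

def prf(key, *parts):
    """HMAC-SHA256 over the joined parts (labels differ in their first byte): used as
    the challenge MAC, the key-wrap pad and the per-packet tunnel tag."""
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class TrustedNode:
    """T: tunnel endpoint provisioned by P; drops tampered or expired packets."""
    def __init__(self, sk, expires):
        self.sk, self.expires = sk, expires
    def receive(self, seq, payload, tag, now):
        ok = hmac.compare_digest(tag, prf(self.sk, b"pkt", seq.to_bytes(8, "big"), payload))
        return payload if ok and now < self.expires else None   # claims 14 and 16

class ISP:
    """P: holds the subscription secrets; generates and distributes the session key."""
    def __init__(self, subscribers):
        self.subs, self.pending = subscribers, {}
    def on_isp_auth_request(self, uid, ch_u):
        if uid not in self.subs:
            return None
        ch_p = secrets.token_bytes(16)
        self.pending[uid] = (ch_u, ch_p)
        return prf(self.subs[uid], b"P", ch_u), ch_p    # claim 7 answer plus claim 8 challenge
    def on_user_auth_response(self, uid, resp_u, timeout):
        ch_u, ch_p = self.pending.pop(uid)
        if not hmac.compare_digest(resp_u, prf(self.subs[uid], b"U", ch_p)):
            return None                                  # no service agreement: no tunnel
        sk = secrets.token_bytes(32)                     # claim 9: session key made by P
        wrapped = xor(sk, prf(self.subs[uid], b"wrap", ch_u, ch_p))  # pad only U can derive
        return wrapped, TrustedNode(sk, timeout)         # claims 11 and 15: to U and to T

class Terminal:
    """U: verifies the ISP before answering its challenge, then unwraps the session key."""
    def __init__(self, uid, secret):
        self.uid, self.secret, self.sk = uid, secret, None
    def connect(self, isp, timeout):
        ch_u = secrets.token_bytes(16)                   # CH_U of claim 7
        reply = isp.on_isp_auth_request(self.uid, ch_u)
        if reply is None or not hmac.compare_digest(reply[0], prf(self.secret, b"P", ch_u)):
            return None                                  # ISP not authentic: stop here
        got = isp.on_user_auth_response(self.uid, prf(self.secret, b"U", reply[1]), timeout)
        if got is None:
            return None
        self.sk = xor(got[0], prf(self.secret, b"wrap", ch_u, reply[1]))
        return got[1]                                    # T, the far end of the tunnel
    def send(self, seq, payload):                        # claims 12-13: tag A cannot forge
        return seq, payload, prf(self.sk, b"pkt", seq.to_bytes(8, "big"), payload)
```

The value `TrustedNode.receive` returns is the packet T would forward on toward the Internet or a remote peer (R) under claims 17 and 18; a packet altered in transit by A, or one arriving after the timeout, yields `None` instead.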

17. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 6, wherein upon receipt of an encrypted data packet from the terminal 
(U), the trusted node (T) decrypts the data packet and forwards the decrypted data packet to the 
Internet. 

18. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 17, wherein upon receipt of an encrypted data packet from the 
terminal (U), the trusted node (T) decrypts the data packet and forwards the decrypted data 
packet to a remote communication peer (R). 
19. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 18, wherein the Internet sends an original data packet to the terminal 
(U) via the trusted node (T), wherein the trusted node (T) encrypts the original data packet and 
forwards the encrypted data packet to the terminal (U) via the untrusted access station (A). 

20. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 17, wherein upon receipt of the encrypted data packet from the 
trusted node (T), the terminal (U) utilizes the session key to decrypt the data packet thus yielding 
the original data packet from the Internet. 

21. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 18, wherein a remote communication peer (R) sends an original data 
packet to the terminal (U) via the trusted node (T), wherein the trusted node (T) encrypts the 
original data packet and forwards the encrypted data packet to the terminal (U) via the untrusted 
access station (A). 

22. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 21, wherein upon receipt of the encrypted data packet from the 
trusted node (T), the terminal (U) utilizes the session key to decrypt the data packet thus yielding 
the original data packet from the remote communication peer (R). 

23. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 6, wherein the ISP (P) provides an accounting of time to the untrusted 
access station (A) for resources utilized by the terminal (U). 

24. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 6, wherein the untrusted access station (A) is incorporated into a third 
party owned network infrastructure. 

25. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 24, wherein the ISP (P) provides the terminal (U) with at least one 
subscribed for service via an untrusted access station (A). 

26. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 6, wherein the ISP (P) reimburses the untrusted access station (A) for 
resources expended on the terminal (U) according to an accounting of time. 

27. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 25, wherein the ISP (P) bills the terminal (U) for services provided to 
the terminal (U). 
28. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 24, wherein the untrusted access station (A) is located in the network 
infrastructure of a public facility. 

29. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 28, wherein the public facility is at least one of an airport, a 
convention center, a restaurant, a hotel, a library, and a school. 

30. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 24, wherein the untrusted access station (A) is located within the 
infrastructure of a private household or within the private infrastructure of a corporation or 
government institution. 

31. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 6, wherein the untrusted access station (A) is compatible with at 
least one wireless transmission standard including WLAN (IEEE 802.11), BlueTooth (IEEE 
802.15), or HiperLan. 

32. (previously presented): A method of establishing secure communication between a 
terminal (U), the Internet Service Provider (P) affiliated with that terminal and the Internet over 
an untrusted access station (A) of claim 6, wherein the terminal (U) is a mobile device. 

33. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 6, wherein the terminal (U) recognizes a compatible access point by 
broadcasting a dynamic host configuration protocol (DHCP) request and receiving a "magic" 
DHCP response from the untrusted access station (A). 

34. (original): A method of establishing secure communication between a terminal (U), 
the Internet Service Provider (P) affiliated with that terminal and the Internet over an untrusted 
access station (A) of claim 6, wherein the untrusted access station (A) assigns a local unique 
identification (LUID) to the terminal (U) in order to facilitate matching the terminal with data 
packets when the untrusted access station (A) is simultaneously serving multiple terminals (U). 

35. (canceled). 

36. (previously presented): A method of operating an untrusted access station deployed 
so as to provide a local network with access to a wide area network, the method comprising: 

an untrusted access station receiving a request from a terminal to access trusted network 
services; 

without providing the terminal with direct access to the wide area network, establishing a 
connection between the terminal and an authentication server for trusted network services; 

performing authentication of the terminal with the authentication server for the trusted 
network services; 

allowing the terminal to establish a secure channel to trusted network services across the 
wide area network only if the authentication succeeds. 

37. (previously presented): The method of claim 36 wherein the authentication is 
performed using messages protected by public key cryptography. 

38. (previously presented): The method of claim 36 further comprising charging 
operators of the trusted network services for usage of the untrusted access station. 

39. (previously presented): The method of claim 36 wherein the networks are Internet 
Protocol networks. 

40. (previously presented): The method of claim 39 wherein the untrusted access station 
does not assign a global IP address to the terminal but allows the terminal to receive an IP 
address from the trusted network services. 

41. (previously presented): The method of claim 39 wherein the access station assigns 
the terminal a special IP address acknowledging that it is able to provide access to the trusted 
network services. 